<?php
/* 
 * The Security class will handle all security relevant issues
 * such as input variable checking and escaping as well as
 * easy encrypting of cookies and session variables etc.
 */
class Security {
    /**
     * The variable $var is checked to ony contain the characters of the following set:
     * A-Za-z0-9,.\-_ :\/@\n\r
     * @param   string $var:    contains the string to be tested for char composition
     *          boolean $die:   let's the consumer decide whether the scritpt will
     *                          terminate or simply return false on discovery of
     *                          potentially problematic characters (default: true).
     * @return  boolean true or dies if $var contains potential malicious characters
     *          and $die is set to true. Returns false otherwise.
     */
    public static function safeToUse($var, $die=true) {
 	if(strlen($var) <= 0)
            return(true);
 	if(preg_match('/^[A-Za-z0-9,.\-_ :\/@\n\r]+$/', $var))
            return(true);
	else {
            if($die)
                die("<hr>Error: possible malicious code<hr>");
            else
                return(false);
	}
    }
    /**
     * The variable $var is checked to ony contain the characters of the following set:
     * A-Za-z0-9,.\-_ :()\/@\n\r
     * @param   string $var:    contains the string to be tested for char composition
     *          boolean $die:   let's the consumer decide whether the scritpt will
     *                          terminate or simply return false on discovery of
     *                          potentially problematic characters (default: true).
     * @return  boolean true or dies if $var contains potential malicious characters
     *          and $die is set to true. Returns false otherwise.
     */
    public static function looseToUse($var, $die=true) {
 	if(strlen($var) <= 0)
            return(true);
 	if(preg_match('/^[A-Za-z0-9,.\-_ :()\/@\n\r]+$/', $var))
            return(true);
	else {
            if($die)
                die("<hr>Error: possible malicious code<hr>");
            else {
                return(false);
            }
	}
    }
}
?>
